New GPLv3 OpenPGP card implementation (on a java card).

Pete Stephenson pete at
Wed Oct 16 12:01:56 CEST 2013

On Wed, Oct 16, 2013 at 11:40 AM, Werner Koch <wk at> wrote:
> On Tue, 15 Oct 2013 11:41, pete at said:
>> Also, are there any smartcards out there that would support DSA/ELG
>> keys? All the cards I've seen and used support RSA only.
> You don't want DSA on smartcards - at least not until they are able to
> do deterministic DSA (rfc-6979).

I knew that DSA fails catastrophically with low entropy (where
"catastrophically" = "leaking the private key"), but I would hope that
any DSA-capable smartcard would have a decent hardware RNG built in.

I'm not familiar with RFC 6979. Thanks for the link. It's good to see
people taking that issue into account.


More information about the Gnupg-users mailing list